CLAIMS

WHAT IS CLAIMED IS:

1. A method of creating a computer program that uses a cryptographic
algorithm to apply a cryptographic key to first data, said method comprising the acts of:

identifying a set of actions that are performed in the course of
using said cryptographic algorithm to apply said cryptographic key to said first data;

generating a first set of computer-executable instructions which
includes instructions to perform said actions;

including said first set of computer-executable instructions in said
computer program, wherein said computer program does not require access to said
cryptographic key.

2. The method of claim 1, wherein said cryptographic algorithm is a
public/private-key algorithm.

3. The method of claim 2, wherein said cryptographic key is the private
key of an asymmetric key pair.

4. The method of claim 1, further comprising the act of receiving second
data which in some way identifies or relates to a computing device on which said
computer program runs, and wherein said first set of computer-executable instructions
is based on said second data.

5. The method of claim 4, wherein said second data comprises or is
based on one or more of the following: a CPUID associated with a processor of said
computing device; a serial number associated with said processor; and third data which
identifies a hard disk associated with said computing device, said third data being
assigned to said hard disk by a manufacturer or distributor of said hard disk.

6. The method of claim 4, wherein said first set of computer-executable
instructions comprises one or more instructions which depend for their correct
execution on the retrieval during execution of said second data.

7. The method of claim 1, further comprising the act of randomly or 
pseudo-randomly generating a number, wherein said first set of computer-executable 
instructions is based on said number. 

8. The method of claim 1, further comprising the acts of: 

generating a diversionary second set of computer-executable 
instructions which perform one or more second actions; and 

including said second set of computer-executable instructions in 
said computer program. 

9. The method of claim 8, further comprising the act of retrieving said 
diversionary second set of computer-executable instructions from a database of stored 
code. 

10. The method of claim 8, wherein said computer program does not 
rely on performance of said second actions to apply said cryptographic key to said first 
data. 

11. The method of claim 1, further comprising the act of generating a
second set of computer-executable instructions which detects modification or deletion of
at least a portion of code contained in said computer program, and which restores said
portion if said portion has been deleted or modified.

12. The method of claim 1, further comprising the act of reorganizing at
least some code contained in said computer program.

13. The method of claim 1, further comprising the acts of:

delimiting a segment of at least some code contained in said
computer program;

obtaining a first hash of the code inside the delimited segment;

including said first hash of the delimited segment within said
computer program;

creating a second set of computer-executable instructions which
obtains a second hash of the delimited segment and which compares said second hash
with said first hash; and

including said second set of computer-executable instructions in

14. The method of claim 1, further comprising the acts of:

encrypting at least a portion of said first set of computer-executable
instructions; and

creating a second set of computer-executable instructions which
decrypts said portion.

15. The method of claim 1, wherein said act of creating said first set of 
computer-executable instructions comprises the acts of: 

creating instructions in a source-level language; and 
compiling said source-level-language instructions. 

16. The method of claim 15, further comprising the act of postprocessing
the compiled instructions after said compiling act, wherein said postprocessing act
comprises one or more of the following: encrypting at least a portion of the compiled
instructions, and hashing at least a portion of the compiled instructions.

MSFT-0188/154574.1 - 56 - PATENT

17. The method of claim 1, further comprising the acts of:

receiving, from a computing device, a request for said computer
program via a network; and

providing said computer program to said computer device via
said network.

18. The method of claim 17, wherein said network comprises the
Internet.

19. The method of claim 17, wherein said receiving act occurs
substantially contemporaneously with said providing act.

20. The method of claim 1, wherein said generating act comprises
retrieving instructions from a database of stored code.

21. A computer-readable medium encoded with a third set of computer-executable
instructions to perform the method of claim 1.

22. A method of securely decrypting data with a cryptographic key, said
method comprising the acts of:

performing a first set of actions which apply said cryptographic
key to said data, said first set of actions not requiring for their performance access to
said cryptographic key; and

performing a diversionary second set of actions different from
said first set of actions;

wherein said first and said second sets of actions are implemented by way of a set of
computer-executable instructions executable on a computing device.

23. The method of claim 22, wherein performance of said first set of
actions does not depend on performance of said diversionary second set of actions.

24. The method of claim 22, wherein either of said first or second sets of
actions in some manner relies for its performance on retrieval or derivation from said
computing device of hardware identification data which identifies or in some way
relates to hardware associated with said computing device.

25. The method of claim 22, further comprises the acts of:

detecting a modification or deletion of at least a portion of said
set of computer-executable instructions; and

restoring said set of instructions to its state prior to said
modification or deletion.

26. The method of claim 22, further comprises the act of decrypting at
least a portion of said set of computer-executable instructions prior to executing said
portion.

27. The method of claim 26, further comprising the act of re-encrypting
said portion subsequent to executing said portion.

28. The method of claim 22, further comprising the acts of:

deriving a value based on at least a portion of said set of
computer-executable instructions; and

comparing the derived value to a stored value.

29. The method of claim 28, wherein said act of deriving comprises the
act of hashing said portion.

30. The method of claim 22, further comprising the act of moving at
least some of said computer-executable instructions to a randomly or pseudo-randomly
selected memory location on said computing device prior to execution of the moved
instructions.

31. A computer-readable medium encoded with said set of computer-executable
instructions to perform the method of claim 22.

32. A method of performing an action on a computing device in a
manner that is at least partly resistant to modification or analysis, said method
comprising the acts of:

executing on said computing device a first set of computer-executable
instructions that implements a sub-action, wherein performance of said
action is in at least some way furthered by performance of said sub-action; and

executing on said computing device a second set of computer-executable
instructions that implements said sub-action, said second set of computer-executable
instructions being different from said first set of computer-executable
instructions.

33. The method of claim 32, wherein said action comprises applying a
cryptographic key to first data.

34. The method of claim 33, wherein said action comprises using said
cryptographic key to decrypt said first data.

35. The method of claim 33, wherein said action comprises using said
cryptographic key to authenticate said first data.

36. The method of claim 32, further comprising the act of executing a
diversionary third set of computer-executable instructions different from said first and
second sets of computer-executable instructions.

37. The method of claim 36, wherein neither said first or second sets of
computer-executable instructions relies for its correct performance on said diversionary
third set of computer-executable instructions.

38. The method of claim 32, further comprising the acts of:

detecting a modification or deletion of at least a portion of said
first or second sets of computer-executable instructions; and

restoring the modified or deleted instructions to their state prior
to said modification or deletion.

39. The method of claim 32, further comprises the act of decrypting at
least a portion of said first or second sets of computer-executable instructions prior to
executing said portion.

40. The method of claim 39, further comprising the act of encrypting
said portion subsequent to executing said portion.

41. The method of claim 32, further comprising the acts of

deriving a value based on at least a portion of said first or second
sets of computer-executable instructions; and

comparing the derived value to a stored value.

42. The method of claim 41, wherein said act of deriving comprises the
act of hashing said portion.

43. The method of claim 32, further comprising the act of moving at
least some of said first or second set of computer-executable instructions to a randomly
or pseudo-randomly selected memory location prior to their execution on said
computing device.

44. A computer-readable medium encoded with computer-executable
instructions to perform the method of claim 32.

45. A method of creating a computer program that is at least partly
resistant to modification or analysis wherein said computer program performs a first
action on at least two different occasions, said method comprising the acts of:

creating a first set of computer-executable instructions which
performs said first action;

including said first set of computer-executable instructions at a
first location in said computer program;

creating a second set of computer-executable instructions which
performs said first action, said second set of computer-executable instructions being at
least in part different from said first set of computer-executable instructions; and

including said second set of computer-executable instructions at a
second location in said computer program.

46. The method of claim 45, wherein said first location is inline with
code that requires performance of said action.

47. The method of claim 45, wherein said first action comprises applying
a cryptographic key to first data.

48. The method of claim 47, wherein performance of said first action
does not require access to said cryptographic key.

49. The method of claim 45, further comprising the act of receiving
second data which in some way identifies or relates to a computing device on which
said computer program runs, and wherein said first set of computer-executable
instructions is based on said second data.

50. The method of claim 45, further comprising the act of randomly or
pseudo-randomly generating a number, wherein said first set of computer-executable
instructions is based on said number.

51. The method of claim 45, further comprising the acts of:

creating a diversionary third set of computer-executable
instructions; and

including said diversionary third set of computer-executable
instructions in said computer program.

52. The method of claim 45, further comprising the act of creating a
third set of computer-executable instructions which detects modification or deletion of
at least a portion of said computer program, and which restores said portion to its state
prior to modification or deletion.

53. The method of claim 45, further comprising the act of reorganizing
said first or second sets computer-executable instructions or a combination thereof.

54. The method of claim 45, further comprising the acts of:

delimiting a segment of said computer program;

obtaining a first hash of the code inside the delimited segment;

including said first hash of the delimited segment within said
computer program; and

creating a third set of computer-executable instructions which
obtains a second hash of the delimited segment and which compares said second hash
with said first hash.

55. The method of claim 45, further comprising the acts of:

encrypting at least some instructions in said computer program;
and

creating a third set of computer-executable instructions which
decrypts said encrypted instructions prior to their execution.

56. The method of claim 45, wherein said act of creating said first set of
computer-executable instructions comprises:

creating instructions in a source-level language; and

compiling said source-level-language instructions.

57. The method of claim 56, further comprising the act of postprocessing
the compiled instructions, wherein said postprocessing act comprises one or more of the
following: encrypting at least a portion of the compiled instructions, and hashing at
least a portion of the compiled instructions.

58. The method of claim 45, further comprising the acts of:

receiving, from a computing device, a request for said computer
program via a network; and

providing said computer program to said computer device via
said network;

59. The method of claim 58, wherein said network comprises the
Internet.

60. The method of claim 58, wherein said receiving act occurs
substantially contemporaneously with said providing act.

61. The method of claim 45, further comprising the act of retrieving
instructions from a database of stored code to be included in said computer program.

62. A computer-readable medium encoded with a third set of computer-executable
instructions to perform the method of claim 45.

63. A method of creating a computer program that is at least partly
resistant to modification or analysis, said method comprising the acts of:

creating a first set of computer-executable instructions; and

creating a second set of computer-executable instructions which
detects modification or deletion of at least a portion of said first set of computer-executable
instructions and which restores said at least a portion if said at least a
portion has been deleted or modified.

64. The method of claim 63, wherein said second set of computer-executable
instructions perform a process comprising the acts of:

hashing at least a portion of the instructions in said computer
program; and

comparing the result of said hashing act with a stored value.

65. The method of claim 63, further comprising the act of receiving first
data which in some way identifies or relates to a computing device on which said
computer program runs, and wherein said first or second set of computer-executable
instructions is based on said first data.

66. The method of claim 63, further comprising the act of randomly or
pseudo-randomly generating a number, wherein said first or second set of computer-executable
instructions is based on said number.

67. The method of claim 63, further comprising the act of creating a
diversionary third set of computer-executable instructions which perform one or more
actions.

68. The method of claim 67, wherein said first and said second sets of
computer-executable instructions do not rely for their correct execution on said
diversionary third set of computer-executable instructions.

69. The method of claim 63, further comprising the acts of:

creating instructions in a source-level language; and

compiling the source-level-language instructions to produce said
computer program.

70. The method of claim 63, further comprising the acts of:

encrypting at least some instructions in said computer program;
and

creating a third set of computer-executable instructions which
decrypts said encrypted instructions prior to their execution.

71. A computer readable medium comprising: 

a first set of computer-executable instructions; and 
a second set of computer-executable instructions which uses 
error-correction techniques to detect variations of said first set of computer-executable 
instructions from a reference state, and to restore said first set of computer-executable 
to said reference state. 

72. The computer-readable medium of claim 71, wherein said reference 
state comprises the state of said first set of computer-executable instructions 
immediately after said computer-executable instructions are loaded into memory for 
execution. 

73. The computer-readable medium of claim 71, wherein first set of 
computer-executable instructions are dynamically modifiable during their execution, 
and wherein said reference state comprises a state of said first set of computer- 
executable instructions at an intermediate point in time during their execution. 
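
The detect-and-restore guard of claims 63, 64 and 71, sketched as an added example that is not taken from the patent: a byte string stands in for the protected instructions, SHA-256 is an assumed choice of hash, and a three-copy bytewise majority vote (a repetition code) is an assumed choice of error-correction technique. The names `SegmentGuard`, `check_and_restore` and `SAMPLE_SEGMENT` are hypothetical.

```python
import hashlib
import hmac
from collections import Counter

# Constructed sample bytes standing in for a delimited code segment.
SAMPLE_SEGMENT = bytes.fromhex("5589e583ec108b450883c0015dc3")


class SegmentGuard:
    """Holds the reference state of a segment and repairs deviations from it."""

    def __init__(self, segment: bytes, copies: int = 3):
        if copies < 3 or copies % 2 == 0:
            raise ValueError("need an odd number of copies, at least 3")
        # Reference state: a stored hash plus redundant copies of the segment.
        self.stored_hash = hashlib.sha256(segment).digest()
        self.replicas = [bytearray(segment) for _ in range(copies)]

    def is_intact(self, segment: bytes) -> bool:
        """Hash the segment as it is now and compare with the stored value."""
        current = hashlib.sha256(segment).digest()
        return hmac.compare_digest(current, self.stored_hash)

    def _majority(self) -> bytes:
        """Decode the repetition code: bytewise majority vote over the copies."""
        return bytes(Counter(col).most_common(1)[0][0]
                     for col in zip(*self.replicas))

    def check_and_restore(self, live: bytearray) -> str:
        """Return 'intact', 'restored' or 'unrecoverable'; repairs live in place."""
        if self.is_intact(bytes(live)):
            return "intact"
        candidate = self._majority()
        # The redundant copies may have been altered too, so the vote result
        # is only trusted if it hashes to the stored value.
        if not self.is_intact(candidate):
            return "unrecoverable"
        live[:] = candidate          # undoes both modification and deletion
        for replica in self.replicas:
            replica[:] = candidate   # heal any copy that lost the vote
        return "restored"


if __name__ == "__main__":
    guard = SegmentGuard(SAMPLE_SEGMENT)
    live = bytearray(SAMPLE_SEGMENT)
    live[3] ^= 0xFF                  # simulate a one-byte patch
    print(guard.check_and_restore(live), bytes(live) == SAMPLE_SEGMENT)
```

The stored hash and the copies sit next to the code they protect, so the guard only detects and undoes changes made by someone who leaves the guard itself and a majority of the copies untouched.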



